diff --git a/src/common/capwap_element_80211_antenna.c b/src/common/capwap_element_80211_antenna.c index f442cc8..52c0f99 100644 --- a/src/common/capwap_element_80211_antenna.c +++ b/src/common/capwap_element_80211_antenna.c @@ -19,19 +19,37 @@ Length: >= 5 /* */ static void capwap_80211_antenna_element_create(void* data, capwap_message_elements_handle handle, struct capwap_write_message_elements_ops* func) { + int i; struct capwap_80211_antenna_element* element = (struct capwap_80211_antenna_element*)data; ASSERT(data != NULL); + ASSERT(IS_VALID_RADIOID(element->radioid)); + ASSERT(element->selections != NULL); func->write_u8(handle, element->radioid); func->write_u8(handle, element->diversity); func->write_u8(handle, element->combiner); - func->write_u8(handle, element->antennacount); - func->write_block(handle, element->antennaselections, element->antennacount); + func->write_u8(handle, element->selections->count); + for (i = 0; i < element->selections->count; i++) { + func->write_u8(handle, *(uint8_t*)capwap_array_get_item_pointer(element->selections, i)); + } +} + +/* */ +static void capwap_80211_antenna_element_free(void* data) { + struct capwap_80211_antenna_element* element = (struct capwap_80211_antenna_element*)data; + + ASSERT(data != NULL); + ASSERT(element->selections != NULL); + + capwap_array_free(element->selections); + capwap_free(data); } /* */ static void* capwap_80211_antenna_element_parsing(capwap_message_elements_handle handle, struct capwap_read_message_elements_ops* func) { + int i; + uint8_t count; unsigned short length; struct capwap_80211_antenna_element* data; @@ -53,32 +71,34 @@ static void* capwap_80211_antenna_element_parsing(capwap_message_elements_handle /* */ data = (struct capwap_80211_antenna_element*)capwap_alloc(sizeof(struct capwap_80211_antenna_element)); memset(data, 0, sizeof(struct capwap_80211_antenna_element)); + data->selections = capwap_array_create(sizeof(uint8_t), 0, 1); /* Retrieve data */ func->read_u8(handle, &data->radioid); + if (!IS_VALID_RADIOID(data->radioid)) { + capwap_80211_antenna_element_free((void*)data); + capwap_logging_debug("Invalid IEEE 802.11 Antenna element element: invalid radio"); + return NULL; + } + func->read_u8(handle, &data->diversity); func->read_u8(handle, &data->combiner); - func->read_u8(handle, &data->antennacount); + func->read_u8(handle, &count); /* Check */ - if (data->antennacount != length) { + if (count != length) { capwap_logging_debug("Invalid IEEE 802.11 Antenna element"); capwap_free(data); return NULL; } - func->read_block(handle, data->antennaselections, length); + for (i = 0; i < count; i++) { + func->read_u8(handle, (uint8_t*)capwap_array_get_item_pointer(data->selections, i)); + } return data; } -/* */ -static void capwap_80211_antenna_element_free(void* data) { - ASSERT(data != NULL); - - capwap_free(data); -} - /* */ struct capwap_message_elements_ops capwap_element_80211_antenna_ops = { .create_message_element = capwap_80211_antenna_element_create, diff --git a/src/common/capwap_element_80211_antenna.h b/src/common/capwap_element_80211_antenna.h index 89fa5ff..f2786d1 100644 --- a/src/common/capwap_element_80211_antenna.h +++ b/src/common/capwap_element_80211_antenna.h @@ -20,8 +20,7 @@ struct capwap_80211_antenna_element { uint8_t radioid; uint8_t diversity; uint8_t combiner; - uint8_t antennacount; - uint8_t antennaselections[CAPWAP_ANTENNASELECTIONS_MAXLENGTH]; + struct capwap_array* selections; }; extern struct capwap_message_elements_ops capwap_element_80211_antenna_ops; diff --git a/src/common/capwap_element_80211_directsequencecontrol.c b/src/common/capwap_element_80211_directsequencecontrol.c index 1417b80..a8d9d8f 100644 --- a/src/common/capwap_element_80211_directsequencecontrol.c +++ b/src/common/capwap_element_80211_directsequencecontrol.c @@ -22,6 +22,7 @@ static void capwap_80211_directsequencecontrol_element_create(void* data, capwap struct capwap_80211_directsequencecontrol_element* element = (struct capwap_80211_directsequencecontrol_element*)data; ASSERT(data != NULL); + ASSERT(IS_VALID_RADIOID(element->radioid)); /* */ func->write_u8(handle, element->radioid); @@ -31,6 +32,13 @@ static void capwap_80211_directsequencecontrol_element_create(void* data, capwap func->write_u32(handle, element->enerydetectthreshold); } +/* */ +static void capwap_80211_directsequencecontrol_element_free(void* data) { + ASSERT(data != NULL); + + capwap_free(data); +} + /* */ static void* capwap_80211_directsequencecontrol_element_parsing(capwap_message_elements_handle handle, struct capwap_read_message_elements_ops* func) { struct capwap_80211_directsequencecontrol_element* data; @@ -49,6 +57,12 @@ static void* capwap_80211_directsequencecontrol_element_parsing(capwap_message_e /* Retrieve data */ func->read_u8(handle, &data->radioid); + if (!IS_VALID_RADIOID(data->radioid)) { + capwap_80211_directsequencecontrol_element_free((void*)data); + capwap_logging_debug("Invalid IEEE 802.11 Direct Sequence Control element: invalid radio"); + return NULL; + } + func->read_u8(handle, NULL); func->read_u8(handle, &data->currentchannel); func->read_u8(handle, &data->currentcca); @@ -57,13 +71,6 @@ static void* capwap_80211_directsequencecontrol_element_parsing(capwap_message_e return data; } -/* */ -static void capwap_80211_directsequencecontrol_element_free(void* data) { - ASSERT(data != NULL); - - capwap_free(data); -} - /* */ struct capwap_message_elements_ops capwap_element_80211_directsequencecontrol_ops = { .create_message_element = capwap_80211_directsequencecontrol_element_create, diff --git a/src/common/capwap_element_80211_directsequencecontrol.h b/src/common/capwap_element_80211_directsequencecontrol.h index e87f64e..9fce8db 100644 --- a/src/common/capwap_element_80211_directsequencecontrol.h +++ b/src/common/capwap_element_80211_directsequencecontrol.h @@ -8,6 +8,7 @@ #define CAPWAP_DSCONTROL_CCA_EDANDCS 4 #define CAPWAP_DSCONTROL_CCA_CSWITHTIME 8 #define CAPWAP_DSCONTROL_CCA_HRCSANDED 16 +#define CAPWAP_DSCONTROL_CCA_MASK 0x1f struct capwap_80211_directsequencecontrol_element { uint8_t radioid; diff --git a/src/common/capwap_element_80211_ofdmcontrol.h b/src/common/capwap_element_80211_ofdmcontrol.h index eec1de2..e279a44 100644 --- a/src/common/capwap_element_80211_ofdmcontrol.h +++ b/src/common/capwap_element_80211_ofdmcontrol.h @@ -10,6 +10,7 @@ #define CAPWAP_OFDMCONTROL_BAND_JP_525 0x10 #define CAPWAP_OFDMCONTROL_BAND_503_5091 0x20 #define CAPWAP_OFDMCONTROL_BAND_494_499 0x40 +#define CAPWAP_OFDMCONTROL_BAND_MASK 0x7f struct capwap_80211_ofdmcontrol_element { uint8_t radioid; diff --git a/src/common/capwap_element_acdescriptor.c b/src/common/capwap_element_acdescriptor.c index bc70b19..7c78aab 100644 --- a/src/common/capwap_element_acdescriptor.c +++ b/src/common/capwap_element_acdescriptor.c @@ -40,6 +40,7 @@ static void capwap_acdescriptor_element_create(void* data, capwap_message_elemen ASSERT(!(element->security & ~CAPWAP_ACDESC_SECURITY_MASK)); ASSERT(!(element->dtlspolicy & ~CAPWAP_ACDESC_DTLS_POLICY_MASK)); ASSERT((element->rmacfield == CAPWAP_ACDESC_RMACFIELD_SUPPORTED) || (element->rmacfield == CAPWAP_ACDESC_RMACFIELD_NOTSUPPORTED)); + ASSERT(element->descsubelement != NULL); /* */ func->write_u16(handle, element->stations);